InCommon / Request an SSL certificate

Issue/Question

  • I want to request an SSL certificate for a web server through InCommon-Sectigo Certificate Service

Environment

  • Security
  • 12587: Certificate Services
  • InCommon-Sectigo Certificate Service

Procedure

  • Prior to making a certificate request, you must create a CSR (certificate signing request)
  • Certificate requests can be made using the InCommon Enrollment form
  1. Go to the InCommon Certificate Request Enrollment form
  2. Enter Miami's access code and your email address
  3. From the Certificate Type drop-down select one of the following options:
    • InCommon SSL (SHA-2) (customized for Miami University) — a single certificate for a fully qualified domain name
    • InCommon Wildcard SSL Certificate (SHA-2) (customized for Miami University)
    • InCommon Multi Domain SSL (SHA-2) (customized for Miami University) — multiple fully-qualified domains on a single certificate
  4. From the Certificate Term drop-down, select 1 year
  5. From the Server Software drop-down, select the appropriate option
    • If the server type is not listed, choose OTHER, and include additional information about the server in the Comments field
  6. Copy/paste or upload the CSR to the CSR field
  7. Enter the fully qualified domain name in the Common Name field
    • The request will not be submitted for review and approval if the common name is not the fully qualified domain name
  8. DO NOT use the pass-phrase section when submitting a certificate request or check the auto renewal box
  9. In the Comments field, enter a description of the server including the server name and service it provides:
    • Wildcard Certificate Requests
      • For the required field for servers, the number of servers in most cases will be one
      • The option for the Certificate Term field will be for two years only
    • Multi-domain Requests
      • After selecting InCommon Multi Domain SSL (SHA-2), the Subject Alternative Names option under the Common Name field will appear. This field (required) allows you to enter alternative domain names for a single certificate

 

Notes

  • Submitted requests may take up to four hours to be processed and validated by Sectigo. If you do not receive the email with the subject title "Enrollment Successful" within 24 hours of submitting your request, please contact Security Compliance and Risk Management office to have the request expedited. The certificate should then be issued within an hour of being expedited
    • If you have problems with an issued certificate and need to re-submit a CSR, email infosec@miamioh.edu; include the new CSR and the full common name instead of submitting a new certificate request using the InCommon enrollment form. The issued certificate will be replaced using the newly generated CSR
    • Once the certificate has been approved, you will receive an email with information on downloading the certificate
  • To ensure that all clients can verify the trust chain of the certificate, you must install the Intermediate CA Chains. See related articles for instructions on how to install Intermediate CA Chains
  • If you need help, submit a ticket to Sectigo Support/Ticket Requests. You will need the order number for the certificate in question: You will find it in the email you received with the certificate information (i.e., Order Number: XXXXXXX)
  • Additional Resources:

 

Details

Article ID: 5799
Created
Wed 5/20/15 9:17 AM
Modified
Thu 6/24/21 10:03 AM
Can you resolve this issue yourself?
Yes! This is self-service with a smile.